Predator and CL could not provide any possible suspects.
Using the code search for the file, “cf2intrp.c” cc'ing the possible owner from GIT revision log.

Suspecting Commit#
https://chromium.googlesource.com/chromium/src/third_party/freetype2.git/+/e66d7300fec2f9fc60e43a924af1972b07ee316b

@wl -- Could you please look into this issue, kindly reassign if it has nothing to do with your changes.

Thank You.

I can't – I'm not authorized to access the reproducer testcase.

Here is the Change Log from the above CF report.

https://chromium.googlesource.com/chromium/src/+log/15cfdc4408fe45fea2657592c9bd3dbf6ade27af..ba5159d871bb21b4b151262dd9234d0261b81331?pretty=fuller&n=10000

npm@, can you please look into this if possible?

Thank you!

ClusterFuzz has detected this issue as fixed in range 509040:509063.

Detailed report: https://clusterfuzz.com/testcase?key=6452490777395200

Fuzzer: libFuzzer_pdf_font_fuzzer
Job Type: libfuzzer_chrome_ubsan
Platform Id: linux

Crash Type: Integer-overflow
Crash Address: 
Crash State:
  cf2_doStems
  cf2_interpT2CharString
  cf2_getGlyphOutline
  
Sanitizer: undefined (UBSAN)

Regressed: https://clusterfuzz.com/revisions?job=libfuzzer_chrome_ubsan&range=472859:472915
Fixed: https://clusterfuzz.com/revisions?job=libfuzzer_chrome_ubsan&range=509040:509063

Reproducer Testcase: https://clusterfuzz.com/download?testcase_id=6452490777395200

See https://chromium.googlesource.com/chromium/src/+/master/testing/libfuzzer/reproducing.md for more information.

If you suspect that the result above is incorrect, try re-doing that job on the test case report page.

ClusterFuzz testcase 6452490777395200 is verified as fixed, so closing issue as verified.

If this is incorrect, please add ClusterFuzz-Wrong label and re-open the issue.